﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace demo1
{
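    /// <summary>
    /// Code-behind for the login page. On the first (non-postback) request it reads
    /// the "username" and "pd" query-string values and checks them against the
    /// users table.
    /// </summary>
    /// <remarks>
    /// SECURITY: the credentials arrive in the URL of a GET request, so they are
    /// written to web-server and proxy logs, browser history and Referer headers.
    /// Accept them from a POST body over TLS instead; that needs a change to the
    /// page markup, which is not visible from this file.
    /// </remarks>
    public partial class Login : System.Web.UI.Page
    {
        /// <summary>
        /// Runs the credential check once, on the initial page request, when a
        /// username is present in the query string.
        /// </summary>
        /// <param name="sender">The page raising the event.</param>
        /// <param name="e">Unused event data.</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Page.IsPostBack)
            {
                return;
            }

            // Request.QueryString already returns URL-decoded values; decoding them
            // a second time corrupts credentials that contain '+' or '%'.
            string username = Request.QueryString["username"];
            string password1 = Request.QueryString["pd"];
            if (string.IsNullOrEmpty(username) || password1 == null)
            {
                return;
            }

            // Check the credentials the request supplied. No account name or
            // password digest belongs in source code.
            // NOTE(review): the result is not acted on here (no session or
            // authentication ticket is issued); confirm where that is meant to happen.
            bool isAuthenticated = MyLogin(username, password1);
        }

        /// <summary>
        /// Checks whether a row in the users table matches the given user name and
        /// password value.
        /// </summary>
        /// <param name="_userName">User name compared against the uname column.</param>
        /// <param name="_userPwd">
        /// Password value compared as-is against the pd column.
        /// NOTE(review): if that column stores an unsalted fast digest such as MD5,
        /// migrate to a salted, slow KDF (e.g. PBKDF2); confirm against the schema.
        /// </param>
        /// <returns>
        /// <c>true</c> when a matching row exists; <c>false</c> when none does or
        /// when either argument is null.
        /// </returns>
        /// <exception cref="SqlException">The connection or the query failed.</exception>
        public bool MyLogin(string _userName, string _userPwd)
        {
            // A null parameter value is never sent to the server and makes the
            // query fail, so treat missing credentials as a failed login.
            if (_userName == null || _userPwd == null)
            {
                return false;
            }

            // SECURITY: this connection string embeds the server address and the
            // "sa" (sysadmin) login with its password in source, and requests no
            // transport encryption. Rotate the password, move the string into
            // protected configuration, and connect with a least-privilege login
            // that can only read the users table.
            using (SqlConnection conn = new SqlConnection("server=106.54.69.143;database=scms;uid=sa;pwd=Aspdotnet666"))
            {
                conn.Open();

                // Parameterized query: user input is bound as data, never
                // concatenated into the SQL text, which prevents SQL injection.
                string sql = "select 1 from users where uname=@userName and pd=@userPwd";
                using (SqlCommand cmd = new SqlCommand(sql, conn))
                {
                    cmd.Parameters.Add(new SqlParameter("userName", _userName));
                    cmd.Parameters.Add(new SqlParameter("userPwd", _userPwd));

                    // ExecuteScalar returns null when no row matches, so no data
                    // reader is left open that would need disposing.
                    return cmd.ExecuteScalar() != null;
                }
            }
        }
    }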
}